Work on configuration template
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Some checks reported errors
continuous-integration/drone/push Build encountered an error
This commit is contained in:
parent
9ddb07ddb4
commit
708147f415
GPG key ID:
DA7B27055C66D6DE
2 changed files with 58 additions and 6 deletions
|
|
@ -1,4 +1,15 @@
|
||||||
---
|
---
|
||||||
wireguard_interface: wg0
|
wireguard_interface: wg0
|
||||||
wireguard_port: 51820
|
wireguard_port: 51820
|
||||||
|
# wireguard_address: 10.0.0.1/24
|
||||||
|
# wireguard_dns:
|
||||||
|
# wireguard_fwmark:
|
||||||
|
# wireguard_mtu:
|
||||||
|
# wireguard_table:
|
||||||
|
# wireguard_preup:
|
||||||
|
# wireguard_postup:
|
||||||
|
# wireguard_predown:
|
||||||
|
# wireguard_postdown:
|
||||||
|
wireguard_save_config: true
|
||||||
|
|
||||||
skip_conf: false
|
skip_conf: false
|
||||||
|
|
@ -1,14 +1,55 @@
|
||||||
[Interface]
|
[Interface]
|
||||||
PrivateKey = {{ wireguard_private_key }}
|
PrivateKey = {{ wireguard_private_key }}
|
||||||
#Address = 10.0.0.1/24
|
Address = {{ wireguard_address }}
|
||||||
DNS = {{ vpn_network }}.1
|
|
||||||
SaveConfig = true
|
|
||||||
ListenPort = {{ wireguard_port }}
|
ListenPort = {{ wireguard_port }}
|
||||||
|
{% if wireguard_dns is defined %}
|
||||||
|
DNS = {{ wireguard_dns }}
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_fwmark is defined %}
|
||||||
|
FwMark = {{ wireguard_fwmark }}
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_mtu is defined %}
|
||||||
|
MTU = {{ wireguard_mtu }}
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_table is defined %}
|
||||||
|
Table = {{ wireguard_table }}
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_preup is defined %}
|
||||||
|
{% for wg_preup in wireguard_preup %}
|
||||||
|
PreUp = {{ wg_preup }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_postup is defined %}
|
||||||
|
{% for wg_postup in wireguard_postup %}
|
||||||
|
PostUp = {{ wg_postup }}
|
||||||
|
{% endfor %}
|
||||||
|
{% else %}
|
||||||
PostUp = firewall-cmd --add-port {{ wireguard_port }}/udp && firewall-cmd --add-masquerade
|
PostUp = firewall-cmd --add-port {{ wireguard_port }}/udp && firewall-cmd --add-masquerade
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_predown is defined %}
|
||||||
|
{% for wg_predown in wireguard_predown %}
|
||||||
|
PreDown = {{ wg_predown }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_postdown is defined %}
|
||||||
|
{% for wg_postdown in wireguard_postdown %}
|
||||||
|
PostDown = {{ wg_postdown }}
|
||||||
|
{% endfor %}
|
||||||
|
{% else %}
|
||||||
PostDown = firewall-cmd --remove-port {{ wireguard_port }}/udp && firewall-cmd --remove-masquerade
|
PostDown = firewall-cmd --remove-port {{ wireguard_port }}/udp && firewall-cmd --remove-masquerade
|
||||||
|
{% endif %}
|
||||||
|
{% if wireguard_save_config is defined %}
|
||||||
|
SaveConfig = {{ wireguard_save_config }}
|
||||||
|
{% endif %}
|
||||||
|
{% for host in ansible_play_hosts %}
|
||||||
|
{% if host != inventory_hostname %}
|
||||||
|
|
||||||
[Peer]
|
[Peer]
|
||||||
|
# {{ host }}
|
||||||
PublicKey = {{ public_key_files.results[0].stdout }}
|
PublicKey = {{ public_key_files.results[0].stdout }}
|
||||||
AllowedIPs = 0.0.0.0/0,::/0
|
#AllowedIPs = 0.0.0.0/0,::/0
|
||||||
|
AllowedIPs = {{ wireguard_address }}
|
||||||
Endpoint = {{ ansible_default_ipv4.address }}:{{ vpn_port }}
|
Endpoint = {{ ansible_default_ipv4.address }}:{{ vpn_port }}
|
||||||
PersistentKeepalive = 20
|
PersistentKeepalive = 20
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue